Jim Fenton wrote in
<[email protected]>:
|On 20 Jan 2025, at 16:49, Richard Clayton wrote:
|> not really ... the issue that had been overlooked relates to a good
|> sender who hires someone to send their mail. One of the destinations
|> fails and the report goes back to the sender not to the intermediary who
|> is looking after the destination list. The same issue arises with
|> mailing lists in that individual contributors learn of delivery failures
|> whereas it is really a matter for the list owner to deal with.
|
|Please check my understanding of this: In this situation, wouldn’t \
|the good sender use their own address (not their client’s) as the MAIL \
|FROM address (which presumably is signed now), and wouldn’t \
|the bounce go to that address normally? It’s not clear to me \
|that one needs to walk back down the chain to have the bounce go to \
|the right place.

That is what the giants do.
Until about May 2014 one could use GMail (and Yandex unless i am
totally mistaken) with "any email address". (As long as you could
successfully log in, of course.)
For example, i had sent announcement emails with my Sourceforge
address in From:, and i did so via Yandex and via GMail. That
Sourceforge thing is (and was) nothing but an alias to a real
email address (Yandex, then GMail).

The MUA i maintain by then only knew about one address, and used
this for RFC 5322 IMF From: as well as RFC 5321 SMTP MAIL FROM:<>.
This then no longer worked, and i had to implement
a differentiation possibility to be able to split these two; on
2014-05-10 i did that (last release before was on 2014-04-07..).
(*smtp-hostname* was that, if set it replaced the hostname on the
RFC 5321 thing, the user was required to be identical. The next
release will obsolete this, after a decade, and instead introduce
*smtp-from*, so one can overwrite anything.)

So the above situation seems to be quite a bit artificial, as
i personally no longer know any service that allows usage of
just any address in both RFC 5322 From: and RFC 5321 MAIL FROM:<>.
I am guessing now, but i would even expect that today most require
not only that these two match, but also that they refer to the
very account on the very hosting service that is used.
Not that i like that, mind you!! I was thankful for the
possibility to send as Sourceforge and CPAN, for example!

Clearly a service should take responsibility for receiving bounces
etc for messages which they originated, which is, i would say,
satisfied by MAIL FROM:<>. What i said to Mr. Clayton in private.
Maybe services should offer "whitelisting" of addresses they then
support in RFC 5322 From:, for example by sending verification
mails (too stupid PGP, S/MIME .. are still not widely available).
Maybe they do this even -- i have no idea! I have not used this
possibility any more ever since i finally rented a permanently
online vserver (in 2015).

Having said all that. That -01 of
dkim-access-control-diff-changes has envisioned redirection
("forward") of the full instance message "bounce forward copy".
(As opposed to the normal SMTP bounce, possibly headers-only or
so, which of course is on the SMTP protocol level -- where it
belongs!)
This is not worked out yet, but i thought of a unique ID (we
cannot use Message-ID for that) that originators (O flag set) can
embed into the DKIM signature, and keep around until the delivery
status report aka bounce is received; in the latter case it then
would (should) receive the full message as an RFC822 attachment in
an email sent to the given email address (this, btw, could also be
in the DNS record; it is the small window that DMARC *could* have,
but the DMARC DNS record is so complicated and overfull, that
i rather have something new *for that*).

Anyhow, with the ID and the full instance it could perform
analysis of what has gone wrong: which hop alongside the path messed
it, whatever, causing automatic or manual steps to be taken to fix
the situation, or whatever.

--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
|
|In Fall and Winter, feel "The Dropbear Bard"s pint(er).
|
|The banded bear
|without a care,
|Banged on himself for e'er and e'er
|
|Farewell, dear collar bear
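
Added example, not part of the original message or of any software mentioned in it: a minimal Python sketch of the point discussed in this thread, namely that a bounce is addressed to the RFC 5321 MAIL FROM reverse-path and not to the RFC 5322 From: header, and that the failed message can travel back as a message/rfc822 attachment. All addresses and host names are constructed placeholders, and the bounce is a simplified report, not a full RFC 3464 DSN.

```python
from email.message import EmailMessage


def build_original():
    """Constructed sample: author alias in From:, sent via a service."""
    msg = EmailMessage()
    msg["From"] = "Announcer <announce@alias.example>"
    msg["To"] = "reader@dest.example"
    msg["Subject"] = "Release announcement"
    msg.set_content("New release is out.\n")
    return msg


def build_bounce(original, envelope_from, failed_rcpt,
                 reporting_mta="mx.dest.example"):
    """Return (bounce_recipient, bounce_message), or None.

    envelope_from is the reverse-path given in MAIL FROM:<...>.
    The header From: of `original` is deliberately never consulted.
    """
    if envelope_from == "":
        # Null reverse-path (MAIL FROM:<>): a bounce is never bounced.
        return None
    bounce = EmailMessage()
    bounce["From"] = f"MAILER-DAEMON@{reporting_mta}"
    bounce["To"] = envelope_from
    bounce["Subject"] = "Undelivered Mail Returned to Sender"
    bounce.set_content(f"Delivery to <{failed_rcpt}> failed.\n")
    # Attaching a message object yields a message/rfc822 part that
    # carries the full failed instance back to the reverse-path.
    bounce.add_attachment(original)
    return envelope_from, bounce


def returned_original(bounce):
    """Extract the failed message from the bounce's attachment."""
    part = next(bounce.iter_attachments())
    assert part.get_content_type() == "message/rfc822"
    return part.get_content()


if __name__ == "__main__":
    orig = build_original()
    # Case 1: envelope sender equals the alias -> the author is told.
    # Case 2: the sending service uses its own reverse-path -> it is told.
    for reverse_path in ("announce@alias.example", "bounces@service.example"):
        rcpt, bounce = build_bounce(orig, reverse_path, "reader@dest.example")
        print(f"MAIL FROM:<{reverse_path}> -> bounce goes to {rcpt}; "
              f"header From: was {returned_original(bounce)['From']}")
```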